problem with password protected posts with nginx

  • buffcleb

    (@buffcleb)


    10 years, 3 months ago

    I have a server that has both nginx/varnish and apache running and able to server up the same wordpress site.

    I am having a problem with password protected posts under nginx. With apache they work fine. with nginx I stay on the password page and can not view the content.

    the nginx log does not show an error :

    10.0.28.100 – – [09/Jan/2014:09:31:24 -0500] “POST /IIII/wp-login.php?action=postpass HTTP/1.1” 302 5 “http://XXXXXX/IIII/mid-project-report/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/536.29.13 (KHTML, like Gecko) Version/6.0.4 Safari/536.29.13” “X.X.X.X”
    10.0.28.100 – – [09/Jan/2014:09:31:25 -0500] “GET /IIII/mid-project-report/ HTTP/1.1” 200 7683 “http://XXXXXX/IIII/mid-project-report/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/536.29.13 (KHTML, like Gecko) Version/6.0.4 Safari/536.29.13” “X.X.X.X”

    not sure where to look from here…

    everything else seems to work fine on the nginx site

    we are running WordPress 3.5.1

    thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Dave Naylor

    (@wpranger)

    10 years, 3 months ago

    This snippet:

    /*
  // Cache any dynamic content
  if (req.url !~ "wp-(login|admin|signup)" && req.url !~ "preview" || req.url ~ "admin-ajax.php"){
    std.log("Request is not for login, admin, preview, sign up or admin-ajax so don't cache it");
      if (req.http.Cookie !~ "wordpress_logged_in "){
        std.log("User is not logged in");
        if (req.http.Cookie !~ "wp-postpass"){
          std.log("Post is not password protected");
          unset req.http.cookie;
          return(lookup);
        }
      }
    }
  }
  */
}

    Taken from here:

    https://github.com/JohnMcLear/Wordpress-Varnish-VCL/blob/master/default.vcl

    may be of use to you.

    I’m assuming you flip flop between Apache/Nginx both of which are fronted by Varnish? And WordPress 3.51? Really?

    Thread Starter buffcleb

    (@buffcleb)

    10 years, 3 months ago

    I only manage the server (apache, nginx/ varnish) and make it work for the team that does WordPress… so I don’t have much control over the WordPress version.

    We are migrating from apache to nginx and just cut things over yesterday. We still need to use apache to process our shibboleth logins until we can re-engineer that to work with nginx. To do this I pass all requests to wp-login.php to apache which is listening to an alternate port and not accessible through the firewall. Its a cludge but it works.

    I thought everything was working until I got a call about users not being able to access password protected pages… Didn’t know we had any until then… or how they worked

    After much digging into password protected pages and using firebug I found that I was not getting wp-postpass cookies so I removed this from the vcl_fetch section :

    # only allow cookies to be set if we're in admin area
    if( beresp.http.Set-Cookie && req.url !~ "^/wp-(login|admin)"){
            unset beresp.http.Set-Cookie;
    }

    which I know kills the caching for right now… I will go into dev now and look at that link you provided but for now I am no longer in firefighting mode.

    thanks

    Thread Starter buffcleb

    (@buffcleb)

    10 years, 3 months ago

    just incase anyone finds this with the same issue I also had to add this to vcl_recv

    # password protected pages miss cache
    if( req.http.Cookie ~ "wp-postpass_" ){
            return (pass);
    }
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘problem with password protected posts with nginx’ is closed to new replies.